Monitoring Social Media for Cyber Threats

byDigitalStakeout

What is Social Media Security Monitoring?

Social media security monitoring is exactly that, proactively using social media to identify and analyze cybersecurity threats to an organization. These threats may include anything from the identification of fake or abusive accounts to explicit threats targeting personnel to phishing attempts.

But social media monitoring is not quite as simple as it sounds. For every solution, there are unforeseen issues. For example, if you have an organization whose name contains a common word or phrase, most social media monitoring tools can easily inundate a security team with extremely high volumes of information, most of which is entirely irrelevant.

Thus, understanding the threats that social media may pose can help a team whittle down those irrelevant results and only have to look at the most relevant information. In addition, developing a monitoring model with a threat funnel against the organization’s product(s) and brand provides reference points for large-scale monitoring and alerting to deliver valuable threat information in real-time.

Cyber Threats Posed by Social Media

The social media landscape is vast, and the range of potential threats against a given organization or individual is dynamic.

Below are a few of the most common threats we enable our customers to detect and mitigate.

Negative Situations – Not all social media threats are directly technical. Organizations need to be aware of real-time social media conversations about emerging cyber-attacks and major cybersecurity incidents, including acts of deliberate disruption to customers, partners or industry.

Brand abuse – With almost no effort, in the digital world nefarious actors can create digital footprint (websites, social media, e-commerce, apps, etc.) that look like your brand and execute a monetization strategy to target your customers. The immediate impact of brand infringement on your business is lost revenue and eroded customer trust.

Impersonations – Whereas account hijackings require the use of legitimate login credentials, impersonations do not, and therefore are much more dangerous. Impersonations can occur when a threat actor pretends to be both individuals and organizations, often seeking to either tarnish a reputation, cause general chaos and confusion, or set up a phishing campaign.

Oversharing – One of the greatest dangers presented by avid social media users, especially those who leave their location settings turned on, is that they unwittingly (and sometimes fully wittingly) share details about their locations, plans, and other information that shouldn’t be made public in a manner that allows potential adversaries to establish a physical pattern of life.

Reconnaissance (OSINT) – Thus far, all of the threats mentioned have been active, but the open-source intelligence threat targeting the individuals and personnel associated with an organization is just as important, despite its relative passiveness. OSINT research seeks to identify individuals and their roles in order to set up and launch spearphishing and whaling campaigns. For more information about how threat actors conduct OSINT campaigns against individuals and organizations, see Online Footprinting: Target Selection and Phishing Expeditions.

Phishing – Finally, and perhaps most dangerous of all is social media phishing, which often involves using a malicious link to distribute malware, spam, or other threat against an individual’s computer. Yes, OSINT research can identify individuals, for a targeted campaign, but social media phishing can ensnare anyone who clicks the embedded link.

This is only a description of the threats presented by social media in the broadest of terms. Within each threat, there are multiple subcategories and further aspects to consider when attempting to prepare defenses against each threat type. There are plenty of other security concerns that social media poses to its users.

Monitoring Cyber Threats with Social Media Monitor

DigitalStakeout also provides the option of configuring a monitor to deliver real-time alerts, so that your security team can rest assured that if a threat does develop, they will be the first to know. With these alerts, digital content can be removed or users can be educated before the threat has an opportunity to harm the organization or its personnel.

Learn More about how DigitalStakeout’s Social Media Monitor can assist your organization with digital risk protection, data protection, executive protection, and more.